Skip to main content

How Backup Can Help Businesses Never be Held Hostage by Ransomware

By:  Richard Agnew, VP NW EMEA at Veeam Software

Paying ransom fees to regain access to data in the vague hope that criminals will release files from hostage is a known phenomenon that continues to demand regular column inches. But currently, with ransomware on the rise, no company wants to get into the habit of paying out a ransom fee to access their own services.

Ransomware threats reached an all-time high in 2016, increasing by 752 per cent compared to the previous year and resulting in £815 million in losses for businesses, according to a study by Trend Micro and the Zero Day Initiative. This came as the number of ransomware families – including variants known as Bit Crypt, CryptoWall, Cerber and Jigsaw – increased from just 29 to 247 in the same timeframe, while research by CyberEdge Group found that nearly two thirds of organisations fell victim to a ransomware attack during the year.

This begs the question – how can businesses guard against the rising threat of ransomware?

The rise of ransomware

The vital ingredient in ransomware’s startling rise is money. The sheer size of the reward available can convince even people with impeccable moral standards to commit a crime. Suddenly there is a reason for rogue employees to take a risk and those with intimate knowledge of a company’s business processes can purposely target systems containing its most precious data to ensure the organisation must pay, and pay big.

The other key factor here is that malware has previously been something only skilled hackers could create, but now the ease of ransomware creation makes the process almost effortless – making it a simple task for, in theory, anyone with a computer to drop the malware and wait for the ransom pay-out. Indeed, a service known as Satan on dark web portal Tor allows anyone to create and configure a variant of malware and choose from a range of techniques, select a ransom note, choose a contact preference and track the amount of money they’ve made.

Trojan malware like Locky, TeslaCrypt and CryptoLocker are the most commonly used variations currently used to attack companies. These often breach security loopholes in web browsers and their plugins or inadvertently opened email attachments then, once inside the company, the ransomware can spread at breakneck speeds and begin to encrypt valuable data. The FBI has recommended that companies implement a solid ransomware backup and recovery strategy for effective protection against data loss caused by CryptoLocker or any other Trojan.

Repelling ransomware

Placing tight permissions on data is all well and good but realistically it will not help businesses, given that credentials can be obtained with a keylogger or through social engineering. Instead, to protect themselves against the threat of insider threats and ransomware, businesses should look to air gapped backups, which are essentially offline backups that cannot be manipulated or deleted remotely.

The criticality of the workloads and data within business environments demands a 3-2-1 rule, whereby 3 copies of the company data should be saved on 2 different media and 1 copy should be offsite.

Here are four options for effective data backup:

1.    Backup Copy Job to disk

The first option is to transfer the data from one location to another using Backup Copy Job. Here, a file is not just copied, but the individual restore points within the backup are read and written to a second disk destination. Should the primary backup be encrypted or become corrupt, the Backup Copy Job would also fail because the vendor would not be able to interpret the data.

In such a scenario, the only hope is that the second backup repository has been separated from the rest of the IT environment. One could also use a Linux-based backup repository to secure against Windows Trojans.

 2.    Removable hard disks

Another option is to use a removable storage device as the secondary repository. This is usually done with removable hard drives such as USB disks, which aren’t commonly recommended for security purposes but if stored in a secure location could be a viable option for avoiding ransomware. In addition, when it comes to media rotation it is possible to detect when an old piece of media is re-inserted and automatically ensure that old backup files are deleted and a new backup chain is started.

 3.    Tape

The once-condemned tape option is becoming an increasingly popular option for IT in regards to encryption Trojans. This is because tapes do not enable direct data access, and thus provide protection against ransomware. Just like rotatable media, tapes should be exported to a secure location for optimum protection.

4.    Storage snapshots and replicated VMs

Organisations can enjoy additional availability and ways to implement the 3-2-1 rule with storage snapshots and replicated VMs. These are semi-offline instances of data that can be resilient against malware propagation.

Never pay a ransom again

The ability to restore data means no business should ever have to pay a ransom. However, nothing can be taken for granted in the cybersecurity space, as threats are constantly shifting and the number of attack surfaces grow with every new device added to a network.

Businesses must assume it is a case of when an attack will happen, not if. To remain agile and in control of both new and emerging threats, security must no longer operate as a silo IT function but rather as a fundamental business process and enabler.

Ransomware must be prevented where possible, detected if it gains access to systems and contained to limit damage. But only through a collaborative and integrated approach, which ensures both security policies and SLAs align with business objectives, can organisations have confidence their data is as secure and available as possible. Doing so gives them the best chance of keeping their organisation one step ahead of the cybercriminals, as they look to realise the benefits of digitisation.

Popular posts from this blog

Cloud Computing powering India’s priority of ‘Digital-first country’

By: Sunil Mahale, India MD and VP, Nutanix
Digital transformation has been recognized as being vital to the growth of our nation. This transformation has enjoyed the unanimous approval and contribution from all stake holders including enterprises, MSMEs, government bodies and citizens. But this level of adoption in a country with a population of over a billion people would need a robust technology base that is capable to collecting and distributing vital data seamlessly.
Digital India envisions creating high speed digital highways, that will impact commerce and create a digital footprint for every individual. Technologies based on mobility, analytics, Internet of things and most importantly, cloud technologies are the building blocks for the digital India missionThere is a growing need to manage huge volumes of data, and making them readily available to public through digital cloud services. Cloud has a pivotal role in enabling this change.
While Data centers have become crucial to th…

Semalt Expert Tells The Reasons Qualitative SEO Services Are Not Cheap

Just like the internet, Search Engine Optimization is constantly changing. Also, it's becoming more difficult to perform a good SEO as soon as Google is continuously improving the algorithm of ranking websites. SEO becomes more complicated so you should expect to pay more for hiring SEO specialists or agencies.
The leading Customer Success Manager of Semalt, Igor Gamanenko explains what factors force SEO services cost increase.
SEO Expertise
SEO has been undergoing the crucial changes and updates over the last 10 years. In the early days of SEO, Google only was caring about the technical aspect of your website, links and keyword metadata to rate you higher. The rating guidelines were quite easy: all you had to do was using some keywords in your metadata and more links than your competitors. This was enough to give you a higher ranking in search engines.
Today, the game has completely changed. Through semantics, Google has a better understanding of internet searches, so it can judg…

RevStart launches its RevItUp Incubation Programme

Underlining its vision of creating a nurturing ecosystem for start-ups to grow in, RevStart, a co-working and incubation centre, has announced the launch of its RevItUp Incubation Programme. The 12-week long programme will be held at RevStart Incubation Centre in Noida from July 1, 2018 onwards. As part of the programme, RevStart will select five high potential start-ups from the ed-tech sector, AI, Consumer Internet, Sustainability, as well as for-profit social impact companies to assist them with developing their business, along with connecting them to global mentors across industries and sectors. In addition, start-ups selected for the programme will receive INR 5 lakh to Rs. 25 lakhs worth of cash and benefits, while RevStart will get an equity stake in the ventures.
The RevItUp Incubation Programme has been created to enhance the founding team’s industry, product, and company building knowledge and capabilities through a world-class curriculum. The programme will focus on tailor…